Protecting content with DHTML

Jason blogs about Pixelpass which allows you to read blogs by paying for it. The protection is done using DHTML which is a bad idea.

I love it when something like this comes my way. Entering the following in the address bar gives me access to the content - so much for security.

javascript:void(document.getElementById("_ppImageLayer").style.visibility = "hidden")

This company should consider using some other mechanism to protect content. I shall let them know about this.

Update: I wrote to them but never got a reply.

1 Comment

  • This is definitely not secure. A greasemonkey script could even determine the div id (possibly regex if they name it differently or some other method) and just autohide it on load to anywhere it detects it.



    It's an interesting idea but I'm not sure people are ready to pay for blog access even it if was working fully.

Comments have been disabled for this content.